In the objectclass schema definition you must have one of MAY or MUST, otherwise there
are no attributes considered legal by adding your supplimentary objectclass to an object, it wont affect what attributes are considered valid (valid attributes in your case are determined by the superset attributes which are allowed by the other objectclass values).

The MAY attribute you commented out does not look valid, IMHO.. from the shipped schemas :

I need an attribute to store password expiry date for the inetOrgPerson objectClass entries in my directory. Since I could not find this or similar attribute in the existing set of schemas (including the ppolicy schema), I have tried to implemented an
extension in a custom local.schema:

objectclass ( 1.3.6.1.4.1.22280.1021.4.1 NAME 'x-sdids-enPortal'

DESC 'Indicates that this entry has additional attributes used by enPortal.'

I figured the best bet would be an auxiliary objectClass. After including the new local.schema file in the slapd.conf, and restarting slapd, I get an error when trying to add the new attribute value to an existing or new inetOrgPerson entry:

I have also tried to first add an objectClass attribute value to an existing entry with value ‘x-sdids-enPortal’, and then add the ‘x-sdids-passwordExpirationTime’ attribute value, with the same outcome.

Thanks,

Bryce Powell

-- The only thing that interferes with my learning is my education.Albert Einstein